<?php
session_start();
$username = trim($_POST['username']); //通过全局数组$_POST读取前端表单name为username的表单值
$usernameReg = '/^[a-zA-Z0-9]{3,10}$/' ;
if (!preg_match($usernameReg,$username)){
    echo "<script>alert('用户名只能是大小写字母，主子，长度为3-10');historg.back();</script>";
    exit;
}
$pw = trim($_POST['pw']);
$pwReg = "/^[a-zA-Z0-9_\-*]{6，10}$/; ";
if (!preg_match($pwReg,$pw)){
    echo "<script>alert('密码要求只能是大小写字母，数字，_，——，*，长度为6-10');historg.back();</script>";
    exit;
}
$pw = md5($pw);
include 'conn.php';
//3.设置sql语句
$sql = "select * from userinto where username = '$username' and pw = '$pw'";
$result = mysqli_query($conn,$sql);
if (mysqli_num_rows($result)){
    //写入一个登录标志
    echo "<script>alert('登陆成功！！');location.href='index.php';</script>";
    //$_SESSION['isLogged'] = 1
    $_SESSION['loggedUsername'] = $username;
}
else{
    echo “<script>alert('用户名或密码错误');historg.back();</script>”;
    session_destroy();
}
?>